Custom auth flow is not saving the token

tacenda · January 4, 2021, 7:59am

I'm following Custom API authentication doc for setup custom auth in my retool application. Everything is working fine, except step 5 " Saving the Authentication Token". I'm trying to set a variable name PASSWORD from my response JSON but it's always showing undefined. I've tries multiple ways to access it but every time it reacts the same.

My login response structure:- Screenshot by Lightshot
Using token in a header:- Screenshot by Lightshot
Define a variable:- Screenshot by Lightshot
I also tried {{http1}}, {{http1.body}}, {{http1.body.json.name}} and etc... but everytime it return undefined in PASSWORD.
TIA

justin · January 4, 2021, 6:57pm

Hey @tacenda and welcome to the forum! Thanks for the detailed screenshots.

Have you tried {{ http1.body.data.token }}? (or .name, not sure which you’re trying to extract). We might have erred in the docs there by putting .json instead of .data.

tacenda · January 5, 2021, 4:32am

Hi @justin, Thanks for your reply.
Yes, I have tried {{ http1.body.data.token }} and I also tried some combinations with http2 instead of http1 but every time it sets undefined in password. When I set a hardcoded value then it works fine.

justin · January 5, 2021, 6:32pm

@tacenda very strange. It does seem like you’re following the docs pretty much word for word, I’m not sure what the issue is. Could you attach a screenshot of the whole custom auth flow that you’ve built so I can see all of the steps?

tacenda · January 6, 2021, 1:56pm

HI @justin, Here are screenshots of my setup:-

Set URL & Header :- https://prnt.sc/whje1c
Custom Auth Modal:- https://prnt.sc/whjgg6
Custom API Request:- https://prnt.sc/whjhel
Define a variable:- https://prnt.sc/whji9k

Also, Check the login response https://prnt.sc/wfsabt

I was tried to set a hardcoded value for PASSWORD under Define a variable and it put that value in header successfully but unable to set from login response. https://prnt.sc/whjkv4

justin · January 6, 2021, 11:16pm

@tacenda thanks!! I think the issue might be that you’re missing a step in the custom auth workflow - seems like you have two steps defined, and then a refresh step, where you’re defining your variable. Can you move the “define a variable” step to the workflow itself? It should be the third step, right after you make your POST request with the username and password.

tacenda · January 8, 2021, 4:44am

Thanks @justin! It’s working.

justin · January 8, 2021, 3:34pm

Woohoo awesome!!

pete82 · November 4, 2022, 6:58am

Having a very similar problem if someone can help me out.

When i test my auth work flow my restful api replies with a "ApiKey"

On the refresh auth work flow i then define a variable as below

However, when i use this resource in my app and try and use any Action Type i get a apikey is required.

How can i set this up so that everytime that app runs it triggers the resource to fetch a new apikey and use it for the remainder of all the queries?

Cheers

pete82 · November 4, 2022, 7:39am

Further to this, if i use our swagger to query our restfull api

the curl responce looks like this

curl -X GET --header 'Accept: application/json' --header 'ApiKey: J6GnQ01w5mRUs/EW2La3diKWJqGHrr0w/7Rspk/rNC7zHvALN7mkgQ==' 'https://mysite.myserver.com/WebAPI/api/Member/?description=1'

Request URL looks like this
https://mysite.myserver.com/WebAPI/api/Member/?description=1

Responce body looks like this
[
"apikey": "J6GnQ01w5mRUs/EW2La3diKWJqGHrr0w/7Rspk/rNC7zHvALN7mkgQ=="

results of query
]

Response Code

200

Responce Header

{
"apikey": "J6GnQ01w5mRUs/EW2La3diKWJqGHrr0w/7Rspk/rNC7zHvALN7mkgQ==",
"apikeyexpiration": "20",
"cache-control": "no-cache",
"content-length": "27060",
"content-type": "application/json; charset=utf-8",
"date": "Fri, 04 Nov 2022 07:36:25 GMT",
"expires": "-1",
"pragma": "no-cache",
"server": "Microsoft-IIS/10.0",
"x-aspnet-version": "4.0.30319",
"x-powered-by": "ASP.NET"
}

Have i set this up wrong?

ugo.ago · November 4, 2022, 3:54pm

Hello @pete82,

You defined your variable within the "Refresh Auth Workflow"

You need to define it within the main custom auth workflow here

pete82 · November 5, 2022, 12:23am

Hi Ugo.ago

I moved the define variable step as suggested however when i run the query within the app, i still receive

{
"Message": "ApiKey is required."
}

However, if i run the resource on its own the apikey is returned.

ugo.ago · November 7, 2022, 10:31am

Hello @pete82,

Please could you share screenshots of your config at the moment

Please hide sensitive data

pete82 · November 9, 2022, 1:02pm

Hey Mate

Been playing with some of the settings but no luck as of yet.
Current settings look like this

If i test the Auth work flow i get the following reply

All scopes (this only appears for developers)

{
"debugState": {
"current_user": {
"email": "user@user.com",
"id": 1,
"firstName": "user",
"lastName": "user",
"metadata": null,
"groups": [
{
"id": 1,
"name": "admin",
"createdAt": "2022-11-01T10:46:10.660Z",
"updatedAt": "2022-11-01T10:46:10.660Z"
},
{
"id": 4,
"name": "All Users",
"createdAt": "2022-11-01T10:46:10.660Z",
"updatedAt": "2022-11-01T10:46:10.660Z"
},
{
"id": 2,
"name": "editor",
"createdAt": "2022-11-01T10:46:10.660Z",
"updatedAt": "2022-11-01T10:46:10.660Z"
}
]
},
"http1": {
"body": {
"ApiKey": "J6GnQ01w5mRUs/EW2La3djkvSfaz/RRBKmcWakiWIyTz8zcwEcWOqw==",
"ApiKeyExpiration": 20
},
"headers": {
"cache-control": [
"no-cache"
],
"pragma": [
"no-cache"
],
"content-length": [
"91"
],
"content-type": [
"application/json; charset=utf-8"
],
"expires": [
"-1"
],
"server": [
"Microsoft-IIS/10.0"
],
"x-aspnet-version": [
"4.0.30319"
],
"x-powered-by": [
"ASP.NET"
],
"date": [
"Wed, 09 Nov 2022 12:58:57 GMT"
]
}
}
}
}
Refresh auth workflow 0 steps

As you can see it returns the API key. I just cant work out how to get that key and pass it back into a query in the header.

pete82 · November 9, 2022, 1:04pm

Also have the timeout set below

I've tried with the cookies off also.

Cheers

ugo.ago · November 9, 2022, 3:04pm

Hi @pete82,

Please change Authorization to ApiKey

and delete Bearer

So you would have a key of ApiKey and value of PASSWORD

pete82 · November 9, 2022, 8:33pm

Hey Ugo,

Just tried that suggestion and had the same issue running the app

{
"request": {
"url": "https://myserver/WebAPI/api/product",
"method": "GET",
"body": null,
"headers": {
"User-Agent": "Retool/2.0 (+https://docs.tryretool.com/docs/apis)",
"---sanitized---": "---sanitized---",
"X-Retool-Forwarded-For": "::ffff:192.168.122.121"
}
},
"response": {
"data": {
"Message": "ApiKey is required."
},
"headers": {
"cache-control": [
"no-cache"
],
"pragma": [
"no-cache"
],
"content-length": [
"33"
],
"content-type": [
"application/json; charset=utf-8"
],
"expires": [
"-1"
],
"server": [
"Microsoft-IIS/10.0"
],
"x-aspnet-version": [
"4.0.30319"
],
"x-powered-by": [
"ASP.NET"
],
"date": [
"Wed, 09 Nov 2022 20:26:36 GMT"
]
},
"status": 403,
"statusText": "Forbidden"
}
}

rononiwu · November 19, 2022, 5:43am

I have the same exact issue. I utilize my resource in a shared query and it works properly (Confirming that my resource set up is correct). However, once I attempt to use that query in an app, it fails. Using the resource directly in the App fails as well. From my investigation, it looks like the variable from my resource is not being passed when I make the API call within the App. Can someone please look into this and assist as this is a significant blocker.

victoria · November 22, 2022, 6:23am

Hey @rononiwu! So it works in a query library query, but not in a standalone query? Would you mind sharing a screenshot of your resource setup page, as well as any specific errors you're getting?

victoria · August 2, 2023, 11:00pm